class User < ActiveRecord::Base
  attr_accessible :birthday, :email, :fullname, :gender,:hashed_password, :password_confirmation, :password , :phone,  :social_id,:salt, :uni_id, :university, :username
 has_many:loan
    validates :username,:email,:presence => true , :uniqueness => true
    validates_presence_of :gender, :fullname, :university, :uni_id 
    validates :password, :confirmation => true 
    validate :password_must_be_present
    attr_reader :password
    attr_accessor :password_confirmation
    
  def User.authenticate(name, password)
    if user = find_by_username(name)
      if user.hashed_password == encrypt_password(password, user.salt)
      user
      end
    end
  end
  def User.encrypt_password(password, salt)
    Digest::SHA2.hexdigest(password + "wibble" + salt)
  end
# 'password' is a virtual attribute
  def password=(password)
    @password = password
    if password.present?
      generate_salt
      self.hashed_password = self.class.encrypt_password(password, salt)
    end
  end

private
  def password_must_be_present
    errors.add(:password, "Missing password") unless hashed_password.present?
  end
  
  def generate_salt
    self.salt = self.object_id.to_s + rand.to_s
  end

end
